Annotation of loncom/auth/lonracc.pm, revision 1.5

1.1       albertel    1: # The LearningOnline Network
                      2: # Access Handler for File Transfers
1.3       www         3: #
1.5     ! albertel    4: # $Id: lonracc.pm,v 1.4 2002/01/17 19:25:31 harris41 Exp $
1.3       www         5: #
                      6: # Copyright Michigan State University Board of Trustees
                      7: #
                      8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                      9: #
                     10: # LON-CAPA is free software; you can redistribute it and/or modify
                     11: # it under the terms of the GNU General Public License as published by
                     12: # the Free Software Foundation; either version 2 of the License, or
                     13: # (at your option) any later version.
                     14: #
                     15: # LON-CAPA is distributed in the hope that it will be useful,
                     16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     18: # GNU General Public License for more details.
                     19: #
                     20: # You should have received a copy of the GNU General Public License
                     21: # along with LON-CAPA; if not, write to the Free Software
                     22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     23: #
                     24: # /home/httpd/html/adm/gpl.txt
                     25: #
                     26: # http://www.lon-capa.org/
                     27: #
1.1       albertel   28: # (lonacc: Cookie Based Access Handler
                     29: # 5/21/99,5/22,5/29,5/31,6/15 Gerd Kortemeyer)
1.2       www        30: # 6/16,6/18,7/3,
                     31: # 6/30/00 Gerd Kortemeyer
1.1       albertel   32: 
                     33: package Apache::lonracc;
                     34: 
                     35: use strict;
                     36: use Apache::Constants qw(:common :remotehost);
1.5     ! albertel   37: use Apache::lonnet();
1.1       albertel   38: use Apache::File();
                     39: 
1.5     ! albertel   40: sub subscribed {
        !            41:     my ($filename,$id) = @_;
        !            42:     my $found=0;
        !            43:     my $expr='^'.$id.':'.$Apache::lonnet::hostip{$id}.':';
        !            44:     $expr =~ s/\./\\\./g;
        !            45:     my $sh;
        !            46:     if ($sh=Apache::File->new("$filename.subscription")) {
        !            47: 	while (my $subline=<$sh>) { if ($subline =~ /$expr/) { $found=1; } }
        !            48: 	$sh->close();
        !            49:     }
        !            50:     return $found;
        !            51: }
        !            52: 
1.1       albertel   53: sub handler {
                     54:     my $r = shift;
                     55:     my $reqhost;
                     56:     unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) {
                     57:        $r->log_reason("Spoof request");
                     58:        return FORBIDDEN;
                     59:     }
                     60:     my $readline;
                     61:     my $lontabdir=$r->dir_config('lonTabDir');
                     62:     {
                     63:        my $fh;
                     64:        unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) {
                     65:           $r->log_reason("Could not find host tab file");
                     66:           return FORBIDDEN;
                     67:        }
                     68:        while ($readline=<$fh>) {
                     69:           my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
                     70:           if ($name =~ /$reqhost/i) {
                     71:               my $filename=$r->filename;
1.5     ! albertel   72:               if ((-e "$filename.$id") ||
        !            73: 		  &subscribed($filename,$id) ||
        !            74: 		  ($filename=~/\.meta$/)) {
1.1       albertel   75: 	         return OK;
                     76:               } else {
                     77:                  $r->log_reason("$id not subscribed", $r->filename);
                     78:                  return FORBIDDEN;
                     79:               }
                     80:           }
                     81:        }
                     82: 
                     83:     }
                     84:     $r->log_reason("Invalid request for file transfer from $reqhost", 
                     85:                    $r->filename); 
                     86:     return FORBIDDEN;
                     87: }
                     88: 
                     89: 1;
                     90: __END__
                     91: 
1.4       harris41   92: =head1 NAME
                     93: 
                     94: Apache::lonracc - Access Handler for File Transfers
                     95: 
                     96: =head1 SYNOPSIS
                     97: 
                     98: Invoked by /etc/httpd/conf/loncapa.conf:
                     99: 
                    100:  <LocationMatch "^/raw.*">
                    101:  PerlAccessHandler Apache::lonracc
                    102:  </LocationMatch>
                    103: 
                    104: =head1 INTRODUCTION
                    105: 
                    106: This module enables authentication for file transfers and works
                    107: against the /res tree.
                    108: 
                    109: Only lond invokes the /raw namespace through its subscribe function.
                    110: 
                    111: This is part of the LearningOnline Network with CAPA project
                    112: described at http://www.lon-capa.org.
                    113: 
                    114: =head1 HANDLER SUBROUTINE
                    115: 
                    116: This routine is called by Apache and mod_perl.
                    117: 
                    118: =over 4
                    119: 
                    120: =item *
                    121: 
                    122: Determine requesting host
                    123: 
                    124: =item *
                    125: 
                    126: See whether or not the requesting host is subscribed.
                    127: 
                    128: =item *
                    129: 
                    130: Respond with status of request and make log entry in case of unallowed
                    131: access.
                    132: 
                    133: =back
                    134: 
                    135: =cut
1.1       albertel  136: 
                    137: 
                    138: 
                    139: 
                    140: 
                    141: 
                    142: 

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>